PHP code example of acip / oauth2-whatnot

1. Go to this page and download the library: Download acip/oauth2-whatnot library. Choose the download type require.

2. Extract the ZIP file and open the index.php.

3. Add this code to the index.php.
    
        
<?php
require_once('vendor/autoload.php');

/* Start to develop here. Best regards https://php-download.com/ */

    

acip / oauth2-whatnot example snippets




use Acip\OAuth2\Client\Provider\Whatnot;
use Acip\OAuth2\Client\Provider\WhatnotMode;

session_start();
header('Content-Type: text/plain');

$clientId = '{whatnot-client-id}';
$clientSecret = '{whatnot-client-secret}';
$redirectUri = 'https://example.com/callback-url';

$provider = new Whatnot(
    [
        'clientId'     => $clientId,
        'clientSecret' => $clientSecret,
        'redirectUri'  => $redirectUri,
    ],
    mode: WhatnotMode::STAGE // use WhatnotMode::LIVE for production
);

if (empty($_GET['code'])) {
    // Step 1. redirect to the authorization URL
    $options = [
        // use the 'scope' key to specify the desired scopes
        // see https://developers.whatnot.com/docs/getting-started/authentication#available-scopes
        'scope' => ['read:inventory', 'write:inventory'],
    ];

    $authorizationUrl = $provider->getAuthorizationUrl($options);
    $_SESSION['oauth2state'] = $provider->getState();
    header('Location: ' . $authorizationUrl);
    exit;
} elseif (empty($_GET['state']) || ($_GET['state'] !== $_SESSION['oauth2state'])) {
    // State is invalid, possible CSRF attack in progress
    unset($_SESSION['oauth2state']);
    exit('Invalid state');
} elseif (isset($_GET['code'])) {
    // Step 2. retrieve access and refresh tokens based on the authorization code

    // Try to get an access token (using the authorization code grant)
    $token = $provider->getAccessToken('authorization_code', [
        'code' => $_GET['code'],
        'client_id' => $clientId,
    ]);

    // store the token and the refresh token securely
    // $refreshToken = $token->getRefreshToken();
    // $accessToken = $token->getToken();

    // Optional: Now you have a token you can look up a users profile data
    try {
        // We got an access token, let's now get the user's details
        $resourceOwner = $provider->getResourceOwner($token);

        // Use these details to create a new profile
        printf('Hello %s!', $resourceOwner->getId());
    } catch (Exception $e) {
        // Failed to get user details
        exit('Oh dear... ' . $e->getMessage());
    }
}



use Acip\OAuth2\Client\Provider\Whatnot;
use Acip\OAuth2\Client\Provider\WhatnotMode;

$provider = new Whatnot([
        'clientId'     => '{whatnot-client-id}',
        'clientSecret' => '{whatnot-client-secret}',
        'redirectUri'  => 'https://example.com/callback-url',
    ],
    mode: WhatnotMode::STAGE
);

$refreshToken = $token->getRefreshToken();
$grant = new \League\OAuth2\Client\Grant\RefreshToken();
$newToken = $provider->getAccessToken($grant, ['refresh_token' => $refreshToken]);

$refreshToken = $token->getRefreshToken();
$accessToken = $token->getToken();
// store the new access token and the refresh token securely

$authorizationUrl = $provider->getAuthorizationUrl([
    'scope' => ['read:inventory', 'write:inventory'],
]);